@jfeilbach
Last active November 16, 2021 02:47
Externally add or remove the TCP 22 ingress rule on an AWS security group. An argument ($1) must be passed: on, off or status.
#!/bin/bash
# External call to add/remove TCP 22 from SG
# --- AWS CLI settings ---------------------------------------------------
# These are plain shell assignments: none of them is exported here, so a child
# process such as the aws CLI only sees a value if the name was already in the
# inherited environment or env_setup exports it later.
AWS_SSH_KEY=''
AWS_PROFILE='gov'
AWS_DEFAULT_PROFILE='gov'
AWS_DEFAULT_REGION='us-gov-west-1'
AWS_CONFIG_FILE=~/.aws/config
AWS_SHARED_CREDENTIALS_FILE=~/.aws/credentials
FED_USERNAME=''

# --- Script-local settings ----------------------------------------------
# ID of the security group to modify; ships empty and must be filled in
# before the script can do anything useful.
gid=''
# Absolute path of the aws binary (the calls below invoke bare `aws`, which is
# resolved through PATH rather than through this variable).
cmd='/usr/bin/aws'

# --- Terminal colours ---------------------------------------------------
# Stored as literal backslash sequences; `echo -e` turns them into escapes.
NC='\033[0m'       # reset / no colour
WHITE='\033[0;37m' # white
RED='\033[0;31m'   # red
# Pin the AWS CLI profile and region for every aws call this script makes.
# The three names are exported so that child processes inherit them.
env_setup() {
  AWS_PROFILE=gov
  AWS_DEFAULT_PROFILE=gov
  AWS_DEFAULT_REGION=us-gov-west-1
  export AWS_PROFILE AWS_DEFAULT_PROFILE AWS_DEFAULT_REGION
}
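#######################################
# Report whether the SSH ingress rule added by this script is still present
# on the security group.
#
# The check looks only for the rule description 'test 5' in the text output
# of describe-security-groups. "Safe." therefore means "the rule this script
# tags is gone"; it does not show that TCP 22 is closed, because a rule with
# a different description would not be noticed.
#
# A failed lookup (expired credentials, wrong or empty group ID, network
# error) is reported as "Unknown." instead of falling through to "Safe.",
# since an empty result from a failed call says nothing about the group.
#
# NOTE(review): the name shadows the shell builtin `test`; it is kept because
# the case arms of this script call the function by this name.
#
# Globals:   gid (read), WHITE, RED, NC (read)
# Outputs:   "Safe." or "Unsafe." on stdout; "Unknown. ..." on stderr
# Returns:   0 when the state was determined, 1 when it could not be
#######################################
test() {
  local sg_text marker_lines

  if [[ -z "${gid}" ]]; then
    echo -e "${RED}Unknown.${NC} gid is empty; no security group was checked." >&2
    return 1
  fi

  # Capture the lookup separately so its exit status is not hidden behind
  # the grep pipeline.
  if ! sg_text=$(aws ec2 describe-security-groups \
    --no-paginate \
    --group-ids "${gid}" \
    --output text); then
    echo -e "${RED}Unknown.${NC} describe-security-groups failed; rule state was not verified." >&2
    return 1
  fi

  # Drop lines that carry the group ID itself, then look for the rule's
  # description marker. -F and -- keep the ID from being read as a pattern
  # or as an option.
  marker_lines=$(printf '%s\n' "${sg_text}" \
    | grep -vF -- "${gid}" \
    | grep -F 'test 5')

  if [[ -z "${marker_lines}" ]]; then
    echo -e "${WHITE}Safe.${NC}"
  else
    echo -e "${RED}Unsafe.${NC}"
  fi
}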
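# Entry point: dispatch on the first argument (on | off | status).
#
# Changes from a plain pass-through of the AWS calls:
#   - every expansion is quoted, so an odd or empty value cannot be split
#     into extra CLI arguments;
#   - an empty gid is rejected before any AWS call is made;
#   - a failed authorize/revoke/describe is carried into the exit status
#     instead of being masked by an unconditional `exit 0`. Note that this
#     includes "rule already exists" on `on` and "rule not found" on `off`.
action="${1:-}"
rc=0

# One definition shared by `on` and `off`, so both calls describe the same
# rule. CidrIp 0.0.0.0/0 admits every IPv4 source address to TCP 22; narrow
# it to the operator's address or VPN range where possible, and run `off` as
# soon as access is no longer needed.
ssh_rule='[{"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0", "Description": "test 5"}]}]'

# Validate the argument and the configuration before touching AWS.
case "${action}" in
  on | off | status)
    if [[ -z "${gid}" ]]; then
      echo -e "${RED}gid is not set.${NC} Fill in the security group ID at the top of this script. Exiting." >&2
      exit 1
    fi
    env_setup
    ;;
  *)
    echo -e "${RED}Need input.${NC} Options: ${WHITE}on${NC}|${WHITE}off${NC}|${WHITE}status${NC} Exiting." >&2
    exit 1
    ;;
esac

case "${action}" in
  on)
    # Add the SSH rule, then print the matching line as confirmation.
    aws ec2 authorize-security-group-ingress \
      --group-id "${gid}" \
      --ip-permissions "${ssh_rule}" || rc=$?
    aws ec2 describe-security-groups \
      --no-paginate \
      --group-ids "${gid}" \
      --output text \
      | awk 'NR > 1' \
      | grep 'test 5'
    ;;
  off)
    # Remove the SSH rule, then verify it is gone. The verification runs
    # even when revoke fails, so the operator sees the resulting state.
    aws ec2 revoke-security-group-ingress \
      --group-id "${gid}" \
      --ip-permissions "${ssh_rule}" || rc=$?
    test || rc=$?
    ;;
  status)
    # Dump the group as text, a blank separator line, then the verdict.
    aws ec2 describe-security-groups \
      --no-paginate \
      --group-ids "${gid}" \
      --output text || rc=$?
    echo ""
    test || rc=$?
    ;;
esac

exit "${rc}"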